Sophie

kernel-2.6.18-238.el5.src.rpm

From: Michal Schmidt <mschmidt@redhat.com>
Subject: [RHEL 5.1 PATCH] BZ 222031: Some db2 operations cause system to hang
Date: Fri, 30 Mar 2007 14:05:20 +0200
Bugzilla: 222031
Message-Id: <460CFD00.6010703@redhat.com>
Changelog: [mm] Some db2 operations cause system to hang


Red Hat BZ: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=222031

Description: Calling madvise(...,...,MADV_REMOVE) on a region extending
past a VMA can cause an infinite loop in the kernel or even a kernel panic.

The patch is upstream:
Commit: 00e9fa2d6421fbbefb4c02821a1e779a3ce47781
Author: Nick Piggin <npiggin@suse.de> Fri, 16 Mar 2007 13:38:10 -0800
    [PATCH] mm: fix madvise infinine loop

A testcase is available. I checked that the patch fixes the bug.


diff -Nurp linux-2.6.18.i686.orig/mm/madvise.c linux-2.6.18.i686/mm/madvise.c
--- linux-2.6.18.i686.orig/mm/madvise.c	2006-09-20 05:42:06.000000000 +0200
+++ linux-2.6.18.i686/mm/madvise.c	2007-03-29 15:32:34.000000000 +0200
@@ -155,11 +155,14 @@ static long madvise_dontneed(struct vm_a
  * Other filesystems return -ENOSYS.
  */
 static long madvise_remove(struct vm_area_struct *vma,
+				struct vm_area_struct **prev,
 				unsigned long start, unsigned long end)
 {
 	struct address_space *mapping;
         loff_t offset, endoff;
 
+	*prev = vma;
+
 	if (vma->vm_flags & (VM_LOCKED|VM_NONLINEAR|VM_HUGETLB))
 		return -EINVAL;
 
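Review bot: the ordering of the new `*prev = vma;` matters and is undocumented: it sits before the `VM_LOCKED|VM_NONLINEAR|VM_HUGETLB` check, so even the `-EINVAL` return leaves `*prev` pointing at the vma just examined, which is what lets the caller advance instead of revisiting the same vma. The comment block above the function (ending "Other filesystems return -ENOSYS.") says nothing about `prev`; add a line there stating that `*prev` is always set to `vma` before any return, so a later edit does not move the assignment below an early return and reintroduce the loop. Minor: the `loff_t offset, endoff;` context line is indented with spaces rather than a tab; not introduced here, but worth fixing while the function is touched.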
@@ -199,7 +202,7 @@ madvise_vma(struct vm_area_struct *vma, 
 		error = madvise_behavior(vma, prev, start, end, behavior);
 		break;
 	case MADV_REMOVE:
-		error = madvise_remove(vma, start, end);
+		error = madvise_remove(vma, prev, start, end);
 		break;
 
 	case MADV_WILLNEED:
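Review bot: the fix relies on every branch of this switch leaving `*prev` set before `madvise_vma()` returns; MADV_REMOVE now matches `madvise_behavior(vma, prev, start, end, behavior)` in the context above, but the `default` branch and the cases following `case MADV_WILLNEED:` are outside the hunk. Check that each of them also assigns `*prev` (or that the caller's loop tolerates `prev` being unchanged on an error return); otherwise a different advice value can hit the same non-advancing loop this patch fixes for MADV_REMOVE.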
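The request shape the report describes, madvise(MADV_REMOVE) over a range that starts inside a VMA and runs past its end into unmapped address space, as a constructed reproducer. This is example code added here; it is not the testcase Michal refers to and not part of the kernel patch. It assumes a Linux kernel where MADV_REMOVE is supported on shmem (shared anonymous mappings are shmem-backed), and the names madvise_remove_past_vma and remove_result are ours. On a kernel with this fix the call returns -1 with errno ENOMEM for the unmapped tail while the still-mapped pages have already been hole-punched and read back as zero; on the unpatched 2.6.18 the call, per the report, would never return.

```c
/* Constructed reproducer for madvise(MADV_REMOVE) past the end of a VMA.
 * Added example, not the testcase mentioned in the mail; names are ours. */
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Outcome of the madvise() call (struct defined for this example). */
struct remove_result {
    int ret;         /* madvise() return value */
    int err;         /* errno when ret == -1, otherwise 0 */
    int hole_zeroed; /* 1 if every byte of the still-mapped pages now reads 0 */
};

/*
 * Build a shmem-backed VMA of `pages` pages followed by `gap_pages` of
 * guaranteed-unmapped address space, fill it with 0xAA, then issue
 * MADV_REMOVE over the VMA plus the gap.  Returns 0 when the setup worked
 * (the madvise outcome is in *out), -1 when mmap/munmap itself failed.
 */
int madvise_remove_past_vma(size_t pages, size_t gap_pages, struct remove_result *out)
{
    size_t psz = (size_t)sysconf(_SC_PAGESIZE);
    size_t vma_len = pages * psz;
    size_t gap_len = gap_pages * psz;

    /* MAP_SHARED|MAP_ANONYMOUS is backed by shmem, which supports MADV_REMOVE. */
    unsigned char *base = mmap(NULL, vma_len + gap_len, PROT_READ | PROT_WRITE,
                               MAP_SHARED | MAP_ANONYMOUS, -1, 0);
    if (base == MAP_FAILED)
        return -1;

    /* Unmap the tail so the range past the VMA is really unmapped. */
    if (munmap(base + vma_len, gap_len) != 0) {
        munmap(base, vma_len);
        return -1;
    }

    memset(base, 0xAA, vma_len);

    /* The request from the report: starts inside the VMA, ends beyond it. */
    errno = 0;
    out->ret = madvise(base, vma_len + gap_len, MADV_REMOVE);
    out->err = (out->ret == -1) ? errno : 0;

    /* A fixed kernel punches the hole in the mapped part before reporting
     * the unmapped tail, so those pages read back as zero. */
    out->hole_zeroed = 1;
    for (size_t i = 0; i < vma_len; i++) {
        if (base[i] != 0) {
            out->hole_zeroed = 0;
            break;
        }
    }

    munmap(base, vma_len);
    return 0;
}

int main(void)
{
    struct remove_result r;

    if (madvise_remove_past_vma(2, 1, &r) != 0) {
        perror("mmap/munmap");
        return 1;
    }
    printf("madvise returned %d (%s), mapped pages zeroed: %s\n",
           r.ret, r.ret == -1 ? strerror(r.err) : "ok",
           r.hole_zeroed ? "yes" : "no");
    return 0;
}
```

The point of the reproducer is that the call comes back at all: the range deliberately overruns the VMA, so a correct kernel reports ENOMEM for the tail (after processing the mapped pages), whereas the bug being fixed kept re-selecting the same vma. Sandboxed kernels that do not implement MADV_REMOVE return EINVAL, ENOSYS or EOPNOTSUPP instead, which is also a clean return.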